Russ Housley <housley(_at_)spyrus(_dot_)com> writes:
The attack is probably impossible to mount using S/MIME against a
human-operated mail agent; however, I am not convinced that a mail list
agent (or other automated mail agent) would be immune. Further, CMS is
being used in many environments, not just S/MIME, and some of those
environments may have issues.
Understood, but it's trivial to patch these S/MIME agents to
be completely immune to this attack without compromising compatibility.
OAEP have been available for years. PKCS#1 v2.0 includes it. I do not
think that it is immature.
That's not the issue that I am concerned with. Rather, I'm concerned
with introducing gratuitous incompatibilities.
-Ekr